Notes on 'Bitcoin: A Peer-to-Peer Electronic Cash System'

Bitcoin is the first electronic coin to succeed, and it’s truly a child of its
time. It’s hard to compare it to normal money because so many of the concepts
are foreign to non-tech people. Despite being foreign, the fundamentals are all
there: store of value, transactions, incentives, money supply, etc.

The paper was published almost 10 years ago by Satoshi Nakamoto. It signifies
the start of cryptocurrencies being taken seriously. If you are interested in
cryptocurrency, you should read this paper. It is very short and readable.

These rough working notes were taken after (re-)reading the paper and without
referencing it. This is part of an experiment I am doing in getting better at
note taking and absorbing what I am reading. Thus these notes are incomplete and
might contain errors.

The paper

Bitcoin is a new kind of money. It allows for the transaction of value
directly between two individuals, as opposed to via a third-party financial
institution, such as a bank. It does this using public key cryptography,
where one person can sign a transaction saying: “I want the person with this
digital signature to have this money”. Since it lacks a central point of
authority, it works as a peer-to-peer network. The transactions are kept in a
public ledger called the blockchain.

This allows for showing intent to transfer money, but there’s a long-standing
problem of double-spending, whereby an individual can spend the same money
twice. The way to solve that is to be aware of all transactions that have taken
place at a given point in time. Assuming we know money has already been spent
once at time t, at time t+1 we can validate that the money hasn’t been spent
already.

If we have a public record of transactions, we need to come to a consensus
about the order of these transactions. Bitcoin does this by using a distributed
timestamp server that chains blocks of transactions together, i.e. a
blockchain. Each block is mined by miners that solve a hard math problem
that takes some amount of CPU power.

Another goal, not explicitly stated, is to have a currency not controlled by a
central government. This is quite clear if you read the background literature
from the Cypherpunks, which is where the idea of electronic cash first came
about. This is called into question by the current (year 2017) scaling
controversy around the group controlling the development of the official
Bitcoin client.

Another interesting property is that the money supply is controlled in advance,
which is very unlike fiat currency, and makes Bitcoin more similar to gold.
This is also not talked about in this specific paper.

Mining

Mining a block requires time and effort. Once some miner finds a block, it
publishes this to the rest of the network. Each node verifies that the
transactions in that block haven’t already taken place, as well as making sure
the proof of work hash makes sense. This works because, just like in public
key cryptography, we can construct a function f: x -> y where it is very hard to
find x given y, but it is easy to find y given x. This is a one-way function. I
wish I could give some visual example of this difficulty, or perhaps simulate
it. But it’s an implementation detail, as far as Bitcoin is concerned.

If an individual node receives a block and it is valid, it incorporates that
into its blockchain and starts working on the next block. When an individual
user (or node, for that matter) wants to check what the source of truth of the
system is, it simply queries a bunch of nodes to figure out which chain of
blocks is the longest.

Sometimes two blocks are found at roughly the same time. The way this gets
resolved is that each node keeps track of multiple chains until it is clear
which one is longest. The longest one is the valid one. 1 CPU = 1 vote in this
system. This is why multiple confirmations are often needed to ensure a
transaction went through.

A block consists of some state, such as the hash of the previous block, a list
of transactions, a block number and a nonce. The nonce is a number chosen such
that the SHA256 of the whole block starts with a specified number of zeroes.
This is how the difficulty of mining a block is set. It’s very easy to check
that the SHA256 of the block has the desired property, but it is very difficult
to find a nonce that makes the SHA256 come out right. There’s some code that
each node is running which ensures that it takes, on average, 10 minutes to find
the next block.
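As an added illustration (not code from the paper or from these notes) of the nonce search just described, and of the one-way asymmetry mentioned under Mining: a toy Python miner whose block layout, field names and "difficulty = number of leading hex zeros" rule are assumptions made for the example, not Bitcoin's actual header format. Verifying a block is one hash; producing one costs roughly 16**difficulty hashes, and rewriting an old block breaks every link after it.

```python
import hashlib
import json

# Constructed toy block with the fields the notes list (previous hash, transactions,
# block number, nonce). Real Bitcoin headers differ (Merkle root, timestamp, compact
# target) and use double SHA-256; this is illustration only.
def block_hash(prev_hash, transactions, number, nonce):
    """SHA-256 over a canonical serialisation of the whole block."""
    payload = json.dumps(
        {"prev": prev_hash, "txs": transactions, "n": number, "nonce": nonce},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hashlib.sha256(payload).hexdigest()

def is_valid(prev_hash, transactions, number, nonce, difficulty):
    """Verification is one hash plus a prefix check, whatever the difficulty."""
    return block_hash(prev_hash, transactions, number, nonce).startswith("0" * difficulty)

def mine(prev_hash, transactions, number, difficulty):
    """Brute-force nonces until the hash has `difficulty` leading hex zeros.
    Expected work is about 16**difficulty hashes; returns (nonce, hash, attempts)."""
    nonce = 0
    while not is_valid(prev_hash, transactions, number, nonce, difficulty):
        nonce += 1
    return nonce, block_hash(prev_hash, transactions, number, nonce), nonce + 1

def build_chain(tx_lists, difficulty):
    """Mine each block on top of the previous one, as nodes do after accepting a block."""
    chain, prev = [], "0" * 64          # genesis block has no predecessor
    for number, txs in enumerate(tx_lists):
        nonce, h, _ = mine(prev, txs, number, difficulty)
        chain.append({"prev": prev, "txs": txs, "n": number, "nonce": nonce, "hash": h})
        prev = h
    return chain

def verify_chain(chain, difficulty):
    """Check every block's proof of work and that each links to the hash before it."""
    prev = "0" * 64
    for b in chain:
        if b["prev"] != prev or not is_valid(b["prev"], b["txs"], b["n"], b["nonce"], difficulty):
            return False
        prev = block_hash(b["prev"], b["txs"], b["n"], b["nonce"])
    return True

if __name__ == "__main__":
    DIFFICULTY = 3   # ~4096 hashes per block on average; raise it to feel the cost
    chain = build_chain([["coinbase->alice 50"], ["alice->bob 10"]], DIFFICULTY)
    print("valid:", verify_chain(chain, DIFFICULTY))
    chain[0]["txs"] = ["coinbase->mallory 50"]   # rewrite history in block 0
    print("valid after tamper:", verify_chain(chain, DIFFICULTY))  # False: block 1 no longer links
```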

It isn’t clear to me how it is ensured each node is running the same or a
similar client. This is also not touched upon in the paper, but I assume there
are some codified rules that mean nodes accept block updates from other nodes
that fulfill certain properties.

Incentives

Why should people mine blocks? By convention, the first transaction in a block
consists of a free coin. This is the reward for the miner who mines the block
successfully. In fact, this is the only way bitcoins come into existence.

There’s another point Satoshi makes with regards to a 51% attack. The idea as
far as I can tell is that, if an attacker has control of over 50% of the CPU
power, they can falsely claim to have found blocks. One way around this is for
each node to publish that they have received a block which doesn’t validate.
Another idea here is that a miner has more to gain from being honest, playing
the long game and reaping mining rewards, as opposed to pulling a quick one and,
as a side effect, causing a loss of faith in Bitcoin as a whole. Intuitively
this makes sense, but I am not convinced a covert 51% attack of some sort
wouldn’t still be in the interest of the attackers.

Privacy

Unlike in the traditional financial system, where a third party (usually a bank)
ensures that not everyone can see what you buy, in Bitcoin all transactions are
public. However, while a Bitcoin transaction can be traced throughout its
history, this doesn’t necessarily mean it belongs to a specific individual. Each
individual can have many keys, and this collection of keys makes up a wallet.

It is still inescapable that there’s a money trail though, unlike cash, diamonds
and (melted and reminted) gold. This is an area that has spawned multiple
solutions, especially in black markets such as Silk Road, with automatic money
laundering services, as well as other coins like ZCash and Monero, that attempt
to preserve privacy.

Conclusion and further reading

I’m amazed at how elegant and straightforward this paper is. It has a lot of
implications and context that is hinted at, using very precise language. I
suspect there’s a lot to gain from both going back and forward in time. There’s a
good reading list by the Nakamoto Institute for background context. Going
forward, there is the code itself, other things Satoshi and others wrote, as
well as reading about new developments such as Ethereum and smart contracts,
etc.

The note taking experiment itself went fairly well, as it somewhat accurately
mirrors my current understanding of Bitcoin using free recall. The structure
could probably be improved, both in terms of flow but also in terms of
more accurately representing the main points of the paper. As far as a timeboxed
note taking session goes it was a success, though.